Common Weakness Enumeration

CWE-312

Allowed

Cleartext Storage of Sensitive Information

Abstraction: Base · Status: Draft

The product stores sensitive information in cleartext within a resource that might be accessible to another control sphere.

1017 vulnerabilities reference this CWE, most recent first.

GHSA-Q9W3-4QX4-V262

Vulnerability from github – Published: 2022-05-24 19:05 – Updated: 2022-05-24 19:05
VLAI
Details

TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-28858"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-06-15T22:15:00Z",
    "severity": "MODERATE"
  },
  "details": "TP-Link\u0027s TL-WPA4220 4.0.2 Build 20180308 Rel.37064 does not use SSL by default. Attacker on the local network can monitor traffic and capture the cookie and other sensitive information.",
  "id": "GHSA-q9w3-4qx4-v262",
  "modified": "2022-05-24T19:05:34Z",
  "published": "2022-05-24T19:05:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28858"
    },
    {
      "type": "WEB",
      "url": "https://yunus-shn.medium.com/tp-links-tl-wpa4220-v4-0-cleartext-transmission-of-sensitive-information-40357c778b84"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

GHSA-QC4C-HG95-VJCG

Vulnerability from github – Published: 2022-05-24 17:45 – Updated: 2026-07-05 00:31
VLAI
Details

The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) contains the administrator account password in plaintext. The page can be intercepted on HTTP.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2021-28937"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2021-03-29T13:15:00Z",
    "severity": "HIGH"
  },
  "details": "The /password.html page of the Web management interface of the Acexy Wireless-N WiFi Repeater REV 1.0 (28.08.06.1) contains the administrator account password in plaintext. The page can be intercepted on HTTP.",
  "id": "GHSA-qc4c-hg95-vjcg",
  "modified": "2026-07-05T00:31:17Z",
  "published": "2022-05-24T17:45:39Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-28937"
    },
    {
      "type": "WEB",
      "url": "https://blog-ssh3ll.medium.com/acexy-wireless-n-wifi-repeater-vulnerabilities-8bd5d14a2990"
    },
    {
      "type": "WEB",
      "url": "http://acexy.com"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QCHG-5F29-5GXW

Vulnerability from github – Published: 2023-03-29 03:30 – Updated: 2023-04-05 03:30
VLAI
Details

A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this issue is some unknown functionality of the file /dayrui/Fcms/View/system_log.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224240.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-1683"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200",
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-03-29T01:15:00Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability was found in Xunrui CMS 4.61 and classified as problematic. Affected by this issue is some unknown functionality of the file /dayrui/Fcms/View/system_log.html. The manipulation leads to information disclosure. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-224240.",
  "id": "GHSA-qchg-5f29-5gxw",
  "modified": "2023-04-05T03:30:17Z",
  "published": "2023-03-29T03:30:25Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1683"
    },
    {
      "type": "WEB",
      "url": "https://github.com/2714925725/CMS-bug/blob/main/Informationdisclosure-1.md"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?ctiid.224240"
    },
    {
      "type": "WEB",
      "url": "https://vuldb.com/?id.224240"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QF6H-WR49-RV76

Vulnerability from github – Published: 2022-09-25 00:00 – Updated: 2022-09-28 00:00
VLAI
Details

A cleartext storage of sensitive information exists in Rocket.Chat <v4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-32217"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312",
      "CWE-532"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-09-23T19:15:00Z",
    "severity": "MODERATE"
  },
  "details": "A cleartext storage of sensitive information exists in Rocket.Chat \u003cv4.6.4 due to Oauth token being leaked in plaintext in Rocket.chat logs.",
  "id": "GHSA-qf6h-wr49-rv76",
  "modified": "2022-09-28T00:00:24Z",
  "published": "2022-09-25T00:00:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-32217"
    },
    {
      "type": "WEB",
      "url": "https://hackerone.com/reports/1394399"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QGF7-MPPG-P3H3

Vulnerability from github – Published: 2022-05-13 01:53 – Updated: 2022-05-13 01:53
VLAI
Details

In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to the underlying LXCA file system user may be able to retrieve a credential store containing the service processor user names and passwords for servers previously managed by that LXCA instance, and potentially decrypt those credentials more easily than intended.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2018-9065"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2018-07-30T16:29:00Z",
    "severity": "HIGH"
  },
  "details": "In Lenovo xClarity Administrator versions earlier than 2.1.0, an attacker that gains access to the underlying LXCA file system user may be able to retrieve a credential store containing the service processor user names and passwords for servers previously managed by that LXCA instance, and potentially decrypt those credentials more easily than intended.",
  "id": "GHSA-qgf7-mppg-p3h3",
  "modified": "2022-05-13T01:53:50Z",
  "published": "2022-05-13T01:53:50Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2018-9065"
    },
    {
      "type": "WEB",
      "url": "https://support.lenovo.com/us/en/solutions/LEN-22168"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QGGP-C2RQ-6X65

Vulnerability from github – Published: 2023-09-13 09:30 – Updated: 2024-04-04 07:38
VLAI
Details

A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x prior to 11.2.14, 10.x prior to 10.2.25 and controlled release 12.x prior to 12.2.1, allows some authentication information stored in configuration files to be extracted through SWG REST API. This was possible due to SWG storing the password in plain text in some configuration files.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-4400"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-256",
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-09-13T07:15:08Z",
    "severity": "MODERATE"
  },
  "details": "\nA password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x prior to 11.2.14, 10.x prior to 10.2.25 and controlled release 12.x prior to 12.2.1, allows some authentication information stored in configuration files to be extracted through SWG REST API. This was possible due to SWG storing the password in plain text in some configuration files.\n\n",
  "id": "GHSA-qggp-c2rq-6x65",
  "modified": "2024-04-04T07:38:46Z",
  "published": "2023-09-13T09:30:20Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-4400"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-qggp-c2rq-6x65"
    },
    {
      "type": "WEB",
      "url": "https://kcm.trellix.com/corporate/index?page=content\u0026id=SB10406"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QGJM-4MG2-6WM5

Vulnerability from github – Published: 2026-05-29 21:31 – Updated: 2026-06-01 18:31
VLAI
Details

StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\Users\.sdm\state.kv. The file is protected only by default user-level NTFS permissions.

Exploitation requires local read access to the affected user's profile directory and additional deployment and execution conditions on the target host.

The condition was reported through coordinated disclosure by Hope Walker (SpecterOps).

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-4387"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-05-29T20:16:30Z",
    "severity": "LOW"
  },
  "details": "StrongDM Desktop Application before 23.74.0 (Desktop Client before 53.77.0) on Microsoft Windows stores authentication state, including a JSON Web Token and asymmetric key material, in cleartext in a per-user state file located at C:\\Users\\\u003cusername\u003e\\.sdm\\state.kv. The file is protected only by default user-level NTFS permissions.\n\n\n\nExploitation requires local read access to the affected user\u0027s profile directory and additional deployment and execution conditions on the target host.\n\n\n\nThe condition was reported through coordinated disclosure by Hope Walker (SpecterOps).",
  "id": "GHSA-qgjm-4mg2-6wm5",
  "modified": "2026-06-01T18:31:47Z",
  "published": "2026-05-29T21:31:24Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-4387"
    },
    {
      "type": "WEB",
      "url": "https://security.strongdm.com/?tcuUid=56fde839-9388-4361-8d3b-9baa7b2de2ed"
    },
    {
      "type": "WEB",
      "url": "https://specterops.io/blog/2026/06/01/cve-2026-4387-strongdm-state-file-reuse"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:L/AC:L/AT:P/PR:L/UI:N/VC:L/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
      "type": "CVSS_V4"
    }
  ]
}

GHSA-QGMQ-RHMW-XW3R

Vulnerability from github – Published: 2025-07-31 15:35 – Updated: 2025-12-24 00:30
VLAI
Details

A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users, the clear text exposure of sensitive credentials increases the risk of accidental leaks or misuse.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-7738"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-07-31T14:15:35Z",
    "severity": "MODERATE"
  },
  "details": "A flaw was found in Ansible Automation Platform (AAP) where the Gateway API returns the client secret for certain GitHub Enterprise authenticators in clear text. This vulnerability affects administrators or auditors accessing authenticator configurations. While access is limited to privileged users, the clear text exposure of sensitive credentials increases the risk of accidental leaks or misuse.",
  "id": "GHSA-qgmq-rhmw-xw3r",
  "modified": "2025-12-24T00:30:12Z",
  "published": "2025-07-31T15:35:48Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-7738"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/django-ansible-base/pull/773"
    },
    {
      "type": "WEB",
      "url": "https://github.com/ansible/django-ansible-base/commit/e241ea4dce8df577eda15301e0a8e61be647b27b"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/errata/RHSA-2025:12772"
    },
    {
      "type": "WEB",
      "url": "https://access.redhat.com/security/cve/CVE-2025-7738"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2381589"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-QGW9-VGRF-H723

Vulnerability from github – Published: 2023-04-12 18:30 – Updated: 2023-04-12 22:18
VLAI
Summary
Jenkins Report Portal Plugin allows users with Item/Extended Read permission to view tokens on Jenkins controller
Details

Jenkins Report Portal Plugin 0.5 and earlier stores ReportPortal access tokens unencrypted in job config.xml files on the Jenkins controller as part of its configuration.

These tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.

Additionally, the configuration form does not mask these tokens, increasing the potential for attackers to observe and capture them.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Maven",
        "name": "org.jenkins-ci.plugins:reportportal"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "last_affected": "0.5"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-30523"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-04-12T22:18:27Z",
    "nvd_published_at": "2023-04-12T18:15:00Z",
    "severity": "MODERATE"
  },
  "details": "Jenkins Report Portal Plugin 0.5 and earlier stores ReportPortal access tokens unencrypted in job `config.xml` files on the Jenkins controller as part of its configuration.\n\nThese tokens can be viewed by users with Item/Extended Read permission or access to the Jenkins controller file system.\n\nAdditionally, the configuration form does not mask these tokens, increasing the potential for attackers to observe and capture them.",
  "id": "GHSA-qgw9-vgrf-h723",
  "modified": "2023-04-12T22:18:27Z",
  "published": "2023-04-12T18:30:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-30523"
    },
    {
      "type": "WEB",
      "url": "https://www.jenkins.io/security/advisory/2023-04-12/#SECURITY-2945"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2023/04/13/3"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Jenkins Report Portal Plugin allows users with Item/Extended Read permission to view tokens on Jenkins controller"
}

GHSA-QGX3-64XJ-X44J

Vulnerability from github – Published: 2023-11-22 18:30 – Updated: 2023-11-30 06:33
VLAI
Details

Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-47312"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-312"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-22T17:15:22Z",
    "severity": "MODERATE"
  },
  "details": "Headwind MDM Web panel 5.22.1 is vulnerable to Incorrect Access Control due to Login Credential Leakage via Audit Entries.",
  "id": "GHSA-qgx3-64xj-x44j",
  "modified": "2023-11-30T06:33:23Z",
  "published": "2023-11-22T18:30:57Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-47312"
    },
    {
      "type": "WEB",
      "url": "https://boltonshield.com/en/cve/cve-2023-47312"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation
Implementation System Configuration Operation

When storing data in the cloud (e.g., S3 buckets, Azure blobs, Google Cloud Storage, etc.), use the provider's controls to encrypt the data at rest. [REF-1297] [REF-1299] [REF-1301]

Mitigation
Implementation System Configuration Operation

In some systems/environments such as cloud, the use of "double encryption" (at both the software and hardware layer) might be required, and the developer might be solely responsible for both layers, instead of shared responsibility with the administrator of the broader system/environment.

CAPEC-37: Retrieve Embedded Sensitive Data

An attacker examines a target system to find sensitive data that has been embedded within it. This information can reveal confidential contents, such as account numbers or individual keys/credentials that can be used as an intermediate step in a larger attack.